[gtank]

I highly endorse this sort of thing! Reverse engineering online games is how I really got started with computers. It's a great teaching tool because the reward loop is short and immediately relevant - you get superpowers, in the game you already play with your friends, in almost direct proportion to how much you've learned.

Depending on the game you'll learn about binary reversing, executable formats, networking, rendering, x86 assembly, C, JVM bytecode, or more advanced topics. We dove right into hard things because it was fun and there was no one to tell us they were too hard for kids. The end result among my group of friends seems to be several careers in tech with a decided systems and security skew.

edit: I remember Runescape in particular. They applied such an escalating series of obfuscations to the client code and network protocol that we deployed things I now recognize as AST analysis and machine learning to work past them. These days, I really wonder what the view from the Jagex security team was like. Did they have fun constantly coming up with new challenges for bored teenagers?

[stickydink]

I too got into my game development career by essentially, trying to hack Runescape. I sank an unhealthy amount of my early teenage years working on Runescape bots, for both original and RS2. Every time I think back on it, so many happy and exciting memories.

From AutoRune scripts, to writing bots, to computer vision, all for one game. That turned into an obsession with an industry that had me move half way across the world to work on our own multiplayer virtual worlds.

The community was pretty active, and at one point I was building/hosting the most-used public bots/sites. I can imagine our paths crossed one-way or another at some point!

[gtank]

I have a very similar set of good memories. I put more time into deobfuscation, updating, detection evasion, and (eventually) server emulation than bots per se.

My contact info is in my profile, it would be cool to see if we ran into each other back then.

[rampant]

Me too! It was such a fantastic experience in retrospect. I've never been so incentivized to learn than during my reverse engineering years.

I started off writing SCAR scripts for Runescape and then got into development for the Aryan bot and private RS servers (if any of those ring any bells). I remember deobfuscation tools being consistently released and updated, but I left the runescape scene for warcraft before I could that far involved.

I have a friend who worked on anti-cheat technology for a very well known gaming company. He in fact started off selling hacks for said company and was hired to protect against them many years later. It was entertaining because part of his job was to maintain his old aliases and create new ones and frequent all the hacking forums and IRC channels to listen in on all the discussions. He would even sometimes contribute random information as part of his ruse. The best part is when his team would leave secret messages to hack developers (like in the byte patterns of the signature scans or embedded within the anti-cheat modules that were being mapped into memory). They had a great sense of humor and the hacking community picked up on it and loved it.

I think coming from our background and having to work in a security capacity like that would be fun as hell. It's very open-ended and like a never ending cat-and-mouse game. I'm sure the Jagex security team felt a similar drive back in the day.